Oracle Linux 5 : kernel (ELSA-2013-1449)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote Oracle Linux host is missing one or more security updates.

Description :

From Red Hat Security Advisory 2013:1449 :

Updated kernel packages that fix multiple security issues and one bug
are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having
moderate security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

* A flaw was found in the way the Linux kernel handled the creation of
temporary IPv6 addresses. If the IPv6 privacy extension was enabled
(/proc/sys/net/ipv6/conf/eth0/use_tempaddr is set to '2'), an attacker
on the local network could disable IPv6 temporary address generation,
leading to a potential information disclosure. (CVE-2013-0343,
Moderate)

* An information leak flaw was found in the way Linux kernel's device
mapper subsystem, under certain conditions, interpreted data written
to snapshot block devices. An attacker could use this flaw to read
data from disk blocks in free space, which are normally inaccessible.
(CVE-2013-4299, Moderate)

* An off-by-one flaw was found in the way the ANSI CPRNG
implementation in the Linux kernel processed non-block size aligned
requests. This could lead to random numbers being generated with less
bits of entropy than expected when ANSI CPRNG was used.
(CVE-2013-4345, Moderate)

* An information leak flaw was found in the way Xen hypervisor
emulated the OUTS instruction for 64-bit paravirtualized guests. A
privileged guest user could use this flaw to leak hypervisor stack
memory to the guest. (CVE-2013-4368, Moderate)

Red Hat would like to thank Fujitsu for reporting CVE-2013-4299,
Stephan Mueller for reporting CVE-2013-4345, and the Xen project for
reporting CVE-2013-4368.

This update also fixes the following bug :

* A bug in the GFS2 code prevented glock work queues from freeing
glock-related memory while the glock memory shrinker repeatedly queued
a large number of demote requests, for example when performing a
simultaneous backup of several live GFS2 volumes with a large file
count. As a consequence, the glock work queues became overloaded which
resulted in a high CPU usage and the GFS2 file systems being
unresponsive for a significant amount of time. A patch has been
applied to alleviate this problem by calling the yield() function
after scheduling a certain amount of tasks on the glock work queues.
The problem can now occur only with extremely high work loads.
(BZ#1014714)

All kernel users are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. The system
must be rebooted for this update to take effect.

See also :

https://oss.oracle.com/pipermail/el-errata/2013-October/003755.html

Solution :

Update the affected kernel packages.

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.2
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Oracle Linux Local Security Checks

Nessus Plugin ID: 70575 ()

Bugtraq ID: 58795
62740
62935
63183

CVE ID: CVE-2013-0343
CVE-2013-4299
CVE-2013-4345
CVE-2013-4368